ManhattanTechSupport.com Rebrands as Homefield IT; Providing Strategic Technology Services Across the Country.

Learn More

INFOGRAPHIC - A Comprehensive Guide To FINRA Compliance

FINRA can be a major stumbling block for some financial firms but having a trusted expert on your side provides a dependable path to compliance and confidence.

September 19, 2019Homefield IT

IT Consulting & StrategySecurityTech Support & Managed IT ServicesFinance

MSP Infographic (FINRA Compliance)_700px

A Manhattan Tech Support Guide to FINRA Compliance

FINRA can be a major stumbling block for some financial firms but having a trusted expert on your side provides a dependable path to compliance and confidence.

The Financial Industry Regulatory Authority (FINRA) is an independent, nongovernmental organization that writes and enforces rules that govern the securities industry. The three primary goals of FINRA are:

  • Foster transparency in the financial services marketplace
  • Enforce high ethical standards
  • Safeguards investors from malfeasance

For over 20 years, both Manhattan Tech Support — and its dedicated security division Kaytuso — have been helping financial firms gain visibility into their FINRA exposure and navigate the difficult road to FINRA compliance.

Over 100 billion financial transactions are processed by FINRA every day.[1]

A Brief History of FINRA

The history of FINRA extends almost 100 years back to the very earliest forms of financial regulation in the United States.

  • 1929 – The Wall St. Crash of 1929 leads to the creation of the Securities Exchange Act of 1934 and the Maloney Act.
  • 1939 – The National Association of Securities Dealers (NASD) is created to better implement those two acts, as well as other securities oversight provisions.
  • 1971 – NASD launches a computerized stock trading system called the National Association of Securities Dealers Automated Quotations (NASDAQ).
  • 2007 – Parts of NASDAQ and the New York Stock Exchange (NYSE) combined to create FINRA, streamlining the regulatory process and compliance standards.
  • 2019 – With headquarters in both Washington, D.C. and New York City — in addition to 20 regional offices throughout the country — FINRA now has approximately 3,000 employees.

What does FINRA Compliance Require?

At the highest level, FINRA technical requirements are focused on a few main objectives, each of which the Manhattan Tech Support team can help you achieve.

  • The implementation of risk management architecture
  • The protection of personal customer information
  • The deployment of supervisory controls

Each of these objectives is outlined in detail through FINRA’s many rules and guidelines, which include:

  • FINRA Rule 3110
    Standards for supervisory practices and documentation, branch office supervision, and human resource needs.
  • FINRA Rule 4530(b)
    Requirements for the reporting of financial irregularities and violations, including security self-assessments.
  • 17 CFR §248.201-202
    Policies and procedures to protect customer information from cyber-attacks.
  • 17 CFR §248.1-100
    Explains the firm’s responsibility in the detection and prevention of identity theft.

Strict Controls for Data Archiving

Another important part of FINRA is data archiving. SEC rule 17a-3, 17a-4, and FINRA Rule 4511 outline requirements for the archiving of communications, including email, text messages, team messages, and more.

Some of the specific rules include:

  • Archiving of records on non-renewable, non-erasable formats
  • Requirements for retention length, record format, record quality, and record availability
  • Ensure that archives are available for at least seven years

The Role of Cloud Computing in the Financial Services Industry

In 2019, FINRA announced a new set of standards to improve cloud security at financial firms. The new regulation will require that every firm have a plan to govern cloud applications and services with the same rigor that they manage traditional on-premise solutions.

Manhattan Tech Support guides financial firms through the FINRA cloud vendor management process

  • Onboard
    Establish a relevant set of controls based on a careful evaluation of cloud vendor service level agreements (SLAs)
  • Operation
    Ensure strong FINRA collaboration through vendor lifecycle, including security event notification, audits, testing, and more.
  • Termination
    Proper removal and destruction of protected data once your relationship with a cloud vendor has ended.

The NIST Cybersecurity Framework — An Indispensable Tool for Strong FINRA Compliance

FINRA’s regulations—especially those designed for small and midsized firms — are greatly informed by the National Institute for Standards and Technology (NIST) Cybersecurity & Risk Management Frameworks – federal resources originally designed to help protect national infrastructure from cyber threats.

NIST is a comprehensive system for managing cybersecurity risk, which outlines five distinct phases for effective risk management.

  • Identify
    Find the vulnerabilities of your physical and digital assets
  • Protect
    Control access to those assets with appropriate safeguards
  • Detect
    Maximize visibility over your network and identify threats quickly
  • Respond
    Contain cybersecurity events with a response plan
  • Recover
    Restore damaged services with a clearly defined action plan and set of tools

The Manhattan Tech Support team has been using the NIST framework for over 20 years to improve the cybersecurity at firms in the financial services sector. If you’d like to learn more about how we use the NIST framework, check out our blogs and infographics.

The High Cost OF FINRA Non-Compliance

FINRA compliance isn’t a hurdle that securities firms should take lightly. Compliance violations often come with stiff penalties, which can do irreparable damage to a small or midsized firm.

In 2016, FINRA distributed a record-setting $173.8 million in fines.[i]

In 2018, FINRA initiated 921 disciplinary actions, levied fines totaling $61 million, and ordered restitution of $25.5 million to investors.[ii] It also suspended 472 brokers.[iii]

While the total number of fines experienced a brief lull last year, FINRA regulators have indicated those numbers will likely climb again as they adopt new technologies, like artificial intelligence (AI), to detect compliance issues with greater efficiency.[iv]

Manhattan Tech Support Makes FINRA Compliance Easy

Don’t let FINRA compliance become a liability for your business. The experts at Manhattan Tech Support have been providing the financial services industry with comprehensive FINRA compliance solutions for two decades, and we’re eager to help more firms discover the deep sense of confidence and preparedness our FINRA service provides.

Do you have a question for our FINRA experts? Contact us anytime at [sales-phone] or [email-address]

 

1 https://www.finra.org/newsroom/2019/market-volatility-drives-finras-volume-new-record-2018

2 https://www.nist.gov/cyberframework

[i] https://www.thinkadvisor.com/2017/03/03/finras-5-biggest-fine-categories-in-2016/?slreturn=20190727113623

[ii] https://www.investopedia.com/terms/f/finra.asp

[iii] https://www.finra.org/sites/default/files/2018_Annual_Financial_Report.pdf

[iv] https://www.wealthmanagement.com/regulation-compliance/why-decline-fines-doesn-t-mean-relaxed-enforcement

Related Articles

AI trends in IT management

calendar March 22, 2023

author Homefield IT

Artificial Intelligence Business Intelligence Cloud Services Cyber Insurance IT Consulting & Strategy Tech Support & Managed IT Services Construction Education Finance Healthcare Legal Non-Profits Real Estate Startups

AI trends in IT management

AI is on everyone’s minds these days. ChatGPT3 and OpenAi have brought what’s possible to the mainstream in a way we haven’t seen outside of movies before. If you’ve spent any time following the trends online, there’s a lot of praise for what’s possible, what could be possible, and what will be possible over the […]

Read More
Best Microsoft 365 features for 2023

calendar March 15, 2023

author Homefield IT

Business Intelligence Cloud Services IT Consulting & Strategy Software Development Tech Support & Managed IT Services Construction Education Finance Healthcare Legal Non-Profits Real Estate Startups

Best Microsoft 365 features for 2023

Microsoft’s office suite (now called Microsoft 365) has come a long way from its early days as a word processor and spreadsheet platform. These days, Microsoft 365 is a powerhouse of productivity tools that handle everything from word processing to email and everything in between. With all the products and features that come bundled into […]

Read More
Digital Trust – what is it and how does it affect your business

calendar March 8, 2023

author Homefield IT

Business Intelligence Cloud Services Cyber Insurance IT Consulting & Strategy Security Tech Support & Managed IT Services Telecommunications Construction Education Finance Healthcare Legal Non-Profits Real Estate Startups

Digital Trust – what is it and how does it affect your business

It seems we hear new stories about cybercrime every day. The stories range from huge ransomware attacks on hospitals to city infrastructure being compromised. It might seem like this isn’t something that you and your business need to worry about, but it matters more each day. Customers need to know that your business (and by […]

Read More